Working with Identity Server Local Apis
Some background: The Identity Server
is powerful fully customizable authentication and authorization solution. I'm using it for last two years in my projects. It is cool system and most times works out of the box however, in some scenarios an cause a lot of troubles.
The official example can be found here Adding Apis. It's a good working example if you settings up Identity Server
from scratch. However, in my case, I have to migrate existing endpoints from another application to existing Identity Server
,ย which gives me no option to run the seeding data procedure(?).
To enable token validation for local API we just need to add the following to Startup.cs
:
services.AddLocalApiAuthentication();
That was the easy part, now let's what is the tricky part: LocalApi
schema is using IdentityServerApi
scope. It is not added by default and need to be added manually in my case.
- Create the API Resource for your local API
INSERT [dbo].[ApiResources] ([Enabled], [Name], [DisplayName], [Created], [NonEditable])
VALUES (1, 'apiAuth', 'Auth API', GETDATE(), 0)
- Create new API scope
INSERT [dbo].[ApiScopes] ([Name], [DisplayName], [Description], [Required], [Emphasize], [ShowInDiscoveryDocument], [ApiResourceId])
VALUES ('IdentityServerApi', 'Auth API', null, 0, 0, 1, <here comes the is from #1>)
- Add
IdentityServerApi
to client scopes:
INSERT [dbo].[ClientScopes] ([Scope], [ClientId])
VALUES ('IdentityServerApi', <clientId assuming you have one>)
To the full gist
๐ Turbocharge Your Infrastructure with Our Terraform Template Kits! ๐
๐ Slash deployment time and costs! Discover the ultimate solution for efficient, cost-effective cloud infrastructure. Perfect for DevOps enthusiasts looking for a reliable, scalable setup. Click here to revolutionize your workflow!
Learn More about Starter Terraform Kits for AKS,EKS and GKE
No comments are allowed for this post